endpoint and http processor signature

[amitu]

The endpoint and http processors may be written with the assumption that they should only accept requests from fastn. One way for them to verify this is if we pass a signature. We already have a FASTN_SECRET_KEY available to fastn, so fastn can include an extra header X-FASTN-PROCESSOR-SIGNATURE or X-FASTN-ENDPOINT-SIGNATURE. We will also ship with fastn.django middleware that will check if these headers are set and signature is verified. To avoid possible replay attack, we will include the content of the header and a one time nonce in the signature as well.

Also to make matters simple, we can do encryption of payload as well, so your services can safely run on http, without worrying about client data getting leaked to snoofers.